[147101] in cryptography@c2.net mail archive
[Cryptography] Security is a total system problem (was Re:
daemon@ATHENA.MIT.EDU (Perry E. Metzger)
Fri Sep 13 15:23:59 2013
X-Original-To: cryptography@metzdowd.com
Date: Fri, 13 Sep 2013 15:23:53 -0400
From: "Perry E. Metzger" <perry@piermont.com>
To: Eugen Leitl <eugen@leitl.org>
In-Reply-To: <20130913060838.GC10405@leitl.org>
Cc: cryptography@metzdowd.com
Errors-To: cryptography-bounces+crypto.discuss=bloom-picayune.mit.edu@metzdowd.com
On Fri, 13 Sep 2013 08:08:38 +0200 Eugen Leitl <eugen@leitl.org>
wrote:
> Why e.g. SWIFT is not running on one time pads is beyond me.
I strongly suspect that delivering them securely to the vast number
of endpoints involved and then securing the endpoints as well would
radically limit the usefulness. Note that it appears that even the
NSA generally prefers to compromise endpoints rather than attack
crypto.
The problem these days is not that something like AES is not good
enough for our purposes. The problem is that we too often build a
reinforced steel door in a paper wall.
Perry
--
Perry E. Metzger perry@piermont.com
_______________________________________________
The cryptography mailing list
cryptography@metzdowd.com
http://www.metzdowd.com/mailman/listinfo/cryptography
